/// <summary>
/// Adds one role claim (<c>JwtClaimTypes.Role</c>) to the issued claims for every role
/// resolved for the request's subject.
/// </summary>
/// <param name="context">Profile request whose <c>Subject</c> is looked up and whose <c>IssuedClaims</c> is appended to.</param>
/// <returns>A task that completes once the role claims have been added.</returns>
public async Task GetProfileDataAsync(IdentityServer4.Models.ProfileDataRequestContext context)
{
    System.Collections.Generic.IEnumerable<string> roleNames;

    var account = await userManager.GetUserAsync(context.Subject);
    if (account != null)
    {
        // Known user: use the roles stored for that user.
        roleNames = await userManager.GetRolesAsync(account);
    }
    else if (env.IsDevelopment() && context.Subject.Identity.Name == "admin")
    {
        // NOTE(review): development-only fallback. A subject named "admin" with no matching
        // user record receives every role in the role store. It depends entirely on
        // env.IsDevelopment() being false in production; confirm the environment name is
        // set explicitly on every deployed host.
        roleNames = roleManager.Roles.Select(r => r.Name);
    }
    else
    {
        // Unknown subject: issue no role claims.
        roleNames = Enumerable.Empty<string>();
    }

    var roleClaims = roleNames.Select(
        roleName => new System.Security.Claims.Claim(IdentityModel.JwtClaimTypes.Role, roleName));
    context.IssuedClaims.AddRange(roleClaims);
}
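/// <summary>
/// Copies the subject's claims into the issued claims, then adds one extra claim fetched
/// from the contract API, which is called with a client-credentials access token.
/// </summary>
/// <param name="context">Profile request; its <c>Subject</c> supplies the "sub" claim and its <c>IssuedClaims</c> list is appended to.</param>
/// <returns>A task that completes once the claims have been added or the lookup has been abandoned.</returns>
/// <remarks>
/// A failed discovery request, token request or API call is written to the console and the
/// method returns without the extra claim. The token is then issued with fewer claims
/// instead of failing the whole request.
/// </remarks>
public virtual async Task GetProfileDataAsync(IdentityServer4.Models.ProfileDataRequestContext context)
{
    // NOTE(review): this issues every claim on the subject, whatever the client requested.
    // Consider filtering with context.RequestedClaimTypes / context.AddRequestedClaims so
    // tokens carry only the claims the requested scopes allow.
    context.IssuedClaims.AddRange(context.Subject.Claims);

    // The user id is the "sub" claim; reading it here avoids a round trip to the database.
    // Check it before any network call so a principal without it cannot cause a null dereference.
    var userID = context.Subject.Claims.FirstOrDefault(c => c.Type == "sub")?.Value;
    if (string.IsNullOrEmpty(userID))
    {
        Console.WriteLine("Subject has no \"sub\" claim; skipping contract claim lookup.");
        return;
    }

    // NOTE(review): a client created per request is disposed here so handles are not leaked,
    // but a shared HttpClient or IHttpClientFactory is preferable under load.
    using (var client = new HttpClient())
    {
        // NOTE(review): the authority and API addresses are hard-coded plain-http localhost
        // URLs. The client secret and bearer token travel unencrypted over them; move the
        // addresses to configuration and use https outside a local demo.
        var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000");
        if (disco.IsError)
        {
            // Awaiting Task.FromException here would throw (ArgumentNullException when the
            // error carries no exception) and skip this logging, so log and stop instead.
            Console.WriteLine(disco.Error);
            return;
        }

        // Request a token to access api1.
        // NOTE(review): ClientSecret is a literal in source; load it from a secret store or
        // protected configuration and rotate the value that has been committed.
        var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
        {
            Address = disco.TokenEndpoint,
            ClientId = "client",
            ClientSecret = "secret",
            Scope = "api1"
        });
        if (tokenResponse.IsError)
        {
            Console.WriteLine(tokenResponse.ErrorDescription);
            return;
        }

        // Make the API call with the freshly issued access token.
        client.SetBearerToken(tokenResponse.AccessToken);

        try
        {
            // Escape the id so characters such as '/', '?' or '#' in it cannot change the
            // path or query of the request.
            var response = await client.GetAsync(
                "http://localhost:5001/api/contract/getclaims/" + Uri.EscapeDataString(userID),
                HttpCompletionOption.ResponseContentRead);

            if (!response.IsSuccessStatusCode)
            {
                Console.WriteLine(response.StatusCode);
                return;
            }

            // Read the result; only one claim is expected back.
            var content = await response.Content.ReadAsStringAsync();
            var result = JsonConvert.DeserializeObject<ClaimValues>(content);

            // An empty or incomplete body would make the Claim constructor throw.
            if (result == null || string.IsNullOrEmpty(result.Key) || result.Value == null)
            {
                Console.WriteLine("Contract API returned no usable claim.");
                return;
            }

            // NOTE(review): the API response chooses the claim type, so it could supply
            // "role", "sub" or any other type. Restrict result.Key to the claim types this
            // service is meant to add before issuing it.
            context.IssuedClaims.Add(new System.Security.Claims.Claim(result.Key, result.Value));

            // The raw response is deliberately not echoed to the console: it holds claim
            // values that do not belong in process logs.
        }
        catch (HttpRequestException httpEx)
        {
            Console.WriteLine(httpEx.Message);
        }
        catch (InvalidOperationException invalidEx)
        {
            Console.WriteLine(invalidEx.Message);
        }
        catch (TaskCanceledException taskEx)
        {
            Console.WriteLine(taskEx.Message);
        }
        catch (Newtonsoft.Json.JsonException jsonEx)
        {
            // A malformed body is handled like any other failed lookup.
            Console.WriteLine(jsonEx.Message);
        }
    }
}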